package com.example.demo.AppUtil;

import com.example.demo.anno.IgnoreAuth;
import com.example.demo.config.LocalDateTimeFormatConfig;
import com.example.demo.entity.AnToken;
import com.example.demo.error.ApiRRException;
import com.example.demo.service.IAnTokenService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.time.LocalDateTime;
import java.time.ZoneId;
import java.util.Date;

/*
 * @Author:大力王
 * @Date:2024/6/20-20-0:32
 * 开始了
 */
@Component
public class AuthorizationInterceptor {
    @Autowired
    private IAnTokenService anTokenService;
    @Resource
    private LocalDateTimeFormatConfig localDateTimeFormatConfig;
    public static final String LOGIN_USER_KEY = "LOGIN_USER_KEY";
    public static final String LOGIN_TOKEN_KEY = "token";

    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler){
        //支持跨域请求
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with,token,X-URL-PATH,content-type");
        response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));

        IgnoreAuth annotation;
        if (handler instanceof HandlerMethod) {
            annotation = ((HandlerMethod) handler).getMethodAnnotation(IgnoreAuth.class);
        } else {
            return true;
        }

        //如果有@IgnoreAuth注解，则不验证token
        if (annotation != null) {
            return true;
        }

        //从header中获取token
        String token = request.getHeader(LOGIN_TOKEN_KEY);
        //如果header中不存在token，则从参数中获取token
        if (StringUtils.isBlank(token)) {
            token = request.getParameter(LOGIN_TOKEN_KEY);
        }

        //token为空
        if (StringUtils.isBlank(token)) {
            throw new ApiRRException("请先登录", 401);
        }

        //查询token信息
        AnToken tokenEntity = anTokenService.queryByToken(token);
        LocalDateTime now = tokenEntity.getExpireTime();
        Date date = Date.from(now.atZone(ZoneId.systemDefault()).toInstant());
        if (date.getTime() < System.currentTimeMillis()) {
            throw new ApiRRException("token失效，请重新登录", 401);
        }

        //设置userId到request里，后续根据userId，获取用户信息
        request.setAttribute(LOGIN_USER_KEY, tokenEntity.getUserId());

        return true;
    }
}
